ClawHub

Magento 2 Admin

v5.6.1

Complete Magento 2 store administration via SSH key auth, REST API, GraphQL, and direct DB access. For server owners on their own infrastructure. SSH key aut...

0· 170·0 current·0 all-time
byOnly 1 Naren@nj070574-gif

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for nj070574-gif/magento-admin.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Magento 2 Admin" (nj070574-gif/magento-admin) from ClawHub.
Skill page: https://clawhub.ai/nj070574-gif/magento-admin
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: [object Object]
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install nj070574-gif/magento-admin

ClawHub CLI

Package manager switcher

npx clawhub@latest install magento-admin
Security Scan
Capability signals
CryptoRequires walletRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description claim full Magento administration and the SKILL.md requests exactly the credentials and access (SSH key, DB credentials, admin password, host, web root, php path, etc.) needed to perform SSH, REST/GraphQL, and direct DB operations. Required binaries (ssh, mysql, curl, redis-cli, python3) are appropriate for the described tasks.
Instruction Scope
SKILL.md is instruction-only and tells the agent to run SSH commands that execute Magento CLI, run mysql over SSH with MYSQL_PWD, and obtain REST tokens via curl. This is in-scope for admin tasks, but it means the agent will execute arbitrary remote commands on your server and issue direct DB queries — a high-risk capability that must be limited to owner-operated machines and carefully reviewed before enabling autonomous use.
Install Mechanism
No install spec and no code files are present (instruction-only). That reduces supply-chain risk because nothing is downloaded or written by the skill itself, but it also means the runtime behavior depends entirely on the agent executing the SKILL.md instructions in your environment.
Credentials
The skill requires many sensitive environment values (SSH key path, DB user/pass, Magento admin user/pass). These are proportionate to full store administration, but they are high-privilege secrets; the SKILL.md states they are user-supplied-only and intended for owner-operated servers. Ensure least-privilege accounts and dedicated keys are used.
Persistence & Privilege
always is false (normal). The skill can be invoked autonomously (platform default), which combined with SSH/DB/admin credentials increases blast radius if misused. This is expected for an automation skill but is a security consideration rather than an incoherence.
Assessment
This skill appears internally consistent with its stated purpose, but it is high-risk because it requires SSH access, DB credentials, and admin credentials that allow full control of a Magento store. Before installing: (1) Only use on servers you own or fully control. (2) Use dedicated, rotated SSH keys and a least-privilege DB user (no GRANT/CREATE). Limit sudo to specific commands. (3) Prefer a dedicated Magento admin account scoped to required roles rather than your primary admin. (4) Review every command the agent will run before enabling autonomous execution; consider disabling autonomous invocation if you won't supervise it. (5) Keep credentials in your private OpenClaw config (not shared) and test on a non-production instance first. If you need higher assurance, request a version of the skill that provides an auditable command list or adds explicit safety checks (e.g., a whitelist of allowed magento CLI commands) before granting credentials.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Env[object Object], [object Object], [object Object], [object Object], [object Object], [object Object], [object Object], [object Object], [object Object], [object Object], [object Object], [object Object]
latestvk97a3mpewgys4w9ck2cwyvfmex85fy36
170downloads
0stars
9versions
Updated 2d ago
v5.6.1
MIT-0
Only 1 Naren@nj070574-gif
latest
Download

magento-admin v5.6 — Complete Magento 2 Administration

Overview

This skill gives an OpenClaw agent the ability to fully administer a Magento 2 store via SSH, REST API, GraphQL, and direct database access. It is designed for use by the server owner on their own infrastructure.

All credentials are supplied by you in your private config file and are used only to connect to your own server. Nothing is sent to third parties.

Security Notes

  • SSH key auth recommended over password auth where possible
  • All credentials are stored only in your private config, never in the skill itself
  • The skill connects only to the server you configure
  • Review all commands before enabling autonomous execution

Configuration

Create a private config file at: Set the following variables in your openclaw.json env block:

Set these variables — all commands in this skill use them as placeholders:

VariableDescriptionExample
MAGENTO_HOSTServer IP or hostname10.0.1.50
MAGENTO_SSH_USERSSH usernamedeploy
MAGENTO_SSH_KEYPath to SSH private key~/.ssh/magento_deploy
MAGENTO_WEB_ROOTMagento path/var/www/html/magento2
MAGENTO_PHPPHP binary/usr/bin/php8.3
MAGENTO_WEB_USERWeb server userwww-data
MAGENTO_DB_NAMEDatabase namemagento_db
MAGENTO_DB_USERDB usernamemagento_user
MAGENTO_DB_PASSDB password(your db password)
MAGENTO_BASE_URLStore URLhttps://store.example.com
MAGENTO_ADMIN_PATHAdmin pathadmin
MAGENTO_ADMIN_USERAdmin usernameadmin
MAGENTO_ADMIN_PASSAdmin password(your admin password)
MAGENTO_OS_URLOpenSearch URLhttp://127.0.0.1:9200
COMPOSER_PATHComposer binary/usr/local/bin/composer

Recommended: SSH Key Authentication

For better security, set up SSH key auth instead of password auth:



ssh -i ~/.ssh/magento_deploy -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "COMMAND"

Least-Privilege Recommendations

  • DB user: Create a dedicated MariaDB/MySQL user with SELECT, INSERT, UPDATE, DELETE on the Magento DB only — not GRANT or CREATE.
  • SSH user: Restrict passwordless sudo to specific binaries if possible (e.g. php, systemctl restart, redis-cli) rather than ALL.
  • REST API: MAGENTO_ADMIN_PASS is used only to obtain a short-lived session token via the Magento REST API. Consider creating a dedicated admin user with only the roles your agent needs.
  • SSH key: Use a dedicated key pair for the agent, not your personal key.

SSH Patterns

ssh -i ~/.ssh/magento_deploy MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento COMMAND 2>&1"

DB queries:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'QUERY' 2>&1"

REST API — get token then use it:

TOKEN=$(ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/integration/admin/token \
   -H 'Content-Type: application/json' \
   -d '{\"username\":\"MAGENTO_ADMIN_USER\",\"password\":\"MAGENTO_ADMIN_PASS\"}' 2>/dev/null | tr -d '\"'")

Composer:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER bash -c 'cd MAGENTO_WEB_ROOT && php COMPOSER_PATH COMMAND 2>&1'"

FULL HEALTH CHECK

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
echo '=== VERSION ===' && sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento --version 2>&1
echo '=== MODE ===' && sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento deploy:mode:show 2>&1
echo '=== SERVICES ===' && sudo systemctl is-active apache2 nginx mariadb mysql redis-server opensearch php8.3-fpm php8.4-fpm 2>/dev/null
echo '=== LOAD ===' && uptime
echo '=== MEMORY ===' && free -h | grep Mem
echo '=== DISK ===' && df -h MAGENTO_WEB_ROOT | tail -1
echo '=== OPENSEARCH ===' && curl -s MAGENTO_OS_URL/_cluster/health 2>/dev/null | python3 -c 'import sys,json; d=json.load(sys.stdin); print(d[\"status\"])'
echo '=== REDIS ===' && redis-cli ping && redis-cli info keyspace
echo '=== CRON ===' && MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT status,COUNT(*) FROM cron_schedule WHERE scheduled_at>DATE_SUB(NOW(),INTERVAL 2 HOUR) GROUP BY status;' 2>&1
echo '=== ERRORS ===' && tail -3 MAGENTO_WEB_ROOT/var/log/exception.log 2>/dev/null | grep -c CRITICAL || echo 0
" 2>&1

CACHE

Status:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:status 2>&1"

Flush all:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1"

Clean specific type (replace TYPE):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:clean TYPE 2>&1"

Types: config layout block_html collections reflection db_ddl compiled_config eav customer_notification full_page config_integration config_integration_api translate config_webservice graphql_query_resolver_result

Redis flush by DB (0=config 1=page 2=sessions):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "redis-cli -n 0 FLUSHDB && echo cache_cleared"

INDEXING

Status:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento indexer:status 2>&1"

Reindex all:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento indexer:reindex 2>&1"

Reindex specific (replace INDEXER_ID):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento indexer:reindex INDEXER_ID 2>&1"

IDs: cataloginventory_stock catalog_category_product catalog_product_category catalog_product_price catalog_product_attribute catalogsearch_fulltext catalogrule_rule catalogrule_product customer_grid design_config_grid inventory

Rebuild OpenSearch (search broken):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  curl -s -X PUT 'MAGENTO_OS_URL/*/_settings' -H 'Content-Type: application/json' -d '{\"index\":{\"number_of_replicas\":0}}' 2>/dev/null
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento indexer:reset catalogsearch_fulltext 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento indexer:reindex catalogsearch_fulltext 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
"

CRON

Run now:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cron:run 2>&1"

Backlog summary:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT status,COUNT(*) AS cnt FROM cron_schedule GROUP BY status ORDER BY cnt DESC;' 2>&1"

Top failing jobs:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT job_code,COUNT(*) as cnt,MAX(messages) as err FROM cron_schedule WHERE status=\"error\" GROUP BY job_code ORDER BY cnt DESC LIMIT 10;' 2>&1"

Clear old error/missed history:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'DELETE FROM cron_schedule WHERE status IN (\"error\",\"missed\") AND scheduled_at<DATE_SUB(NOW(),INTERVAL 1 DAY);' 2>&1"

Install crontab:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cron:install 2>&1"

MAINTENANCE MODE

# Enable
ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento maintenance:enable 2>&1"
# Disable
ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento maintenance:disable 2>&1"

ORDERS

Revenue today:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT COUNT(*) as orders,ROUND(COALESCE(SUM(grand_total),0),2) as revenue FROM sales_order WHERE DATE(created_at)=CURDATE() AND state <> \"canceled\";' 2>&1"

Revenue this week:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT COUNT(*) as orders,ROUND(COALESCE(SUM(grand_total),0),2) as revenue FROM sales_order WHERE created_at>=DATE_SUB(NOW(),INTERVAL 7 DAY) AND state <> \"canceled\";' 2>&1"

Revenue this month:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT COUNT(*) as orders,ROUND(COALESCE(SUM(grand_total),0),2) as revenue FROM sales_order WHERE YEAR(created_at)=YEAR(NOW()) AND MONTH(created_at)=MONTH(NOW()) AND state <> \"canceled\";' 2>&1"

Last 10 orders:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT increment_id,customer_email,grand_total,status,created_at FROM sales_order ORDER BY created_at DESC LIMIT 10;' 2>&1"

Order detail (replace ORDERID with increment_id):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT o.increment_id,o.customer_email,o.grand_total,o.status,o.state,o.created_at,a.street,a.city,a.postcode FROM sales_order o LEFT JOIN sales_order_address a ON o.entity_id=a.parent_id AND a.address_type=\"shipping\" WHERE o.increment_id=\"ORDERID\";' 2>&1"

Cancel order (REST API — replace ORDER_ENTITY_ID):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
TOKEN=\$(curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/integration/admin/token \
  -H 'Content-Type: application/json' \
  -d '{\"username\":\"MAGENTO_ADMIN_USER\",\"password\":\"MAGENTO_ADMIN_PASS\"}' 2>/dev/null | tr -d '\"')
curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/orders/ORDER_ENTITY_ID/cancel \
  -H \"Authorization: Bearer \$TOKEN\" 2>/dev/null
"

Invoice order (replace ORDER_ENTITY_ID):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
TOKEN=\$(curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/integration/admin/token \
  -H 'Content-Type: application/json' \
  -d '{\"username\":\"MAGENTO_ADMIN_USER\",\"password\":\"MAGENTO_ADMIN_PASS\"}' 2>/dev/null | tr -d '\"')
curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/order/ORDER_ENTITY_ID/invoice \
  -H \"Authorization: Bearer \$TOKEN\" \
  -H 'Content-Type: application/json' \
  -d '{\"capture\":true,\"notify\":true}' 2>/dev/null
"

Ship order (replace ORDER_ENTITY_ID):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
TOKEN=\$(curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/integration/admin/token \
  -H 'Content-Type: application/json' \
  -d '{\"username\":\"MAGENTO_ADMIN_USER\",\"password\":\"MAGENTO_ADMIN_PASS\"}' 2>/dev/null | tr -d '\"')
curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/order/ORDER_ENTITY_ID/ship \
  -H \"Authorization: Bearer \$TOKEN\" \
  -H 'Content-Type: application/json' \
  -d '{\"notify\":true}' 2>/dev/null
"

Refund order (replace ORDER_ENTITY_ID):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
TOKEN=\$(curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/integration/admin/token \
  -H 'Content-Type: application/json' \
  -d '{\"username\":\"MAGENTO_ADMIN_USER\",\"password\":\"MAGENTO_ADMIN_PASS\"}' 2>/dev/null | tr -d '\"')
curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/order/ORDER_ENTITY_ID/refund \
  -H \"Authorization: Bearer \$TOKEN\" \
  -H 'Content-Type: application/json' \
  -d '{\"notify\":true,\"arguments\":{\"shipping_amount\":0,\"adjustment_positive\":0,\"adjustment_negative\":0}}' 2>/dev/null
"

Abandoned carts today:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT entity_id,customer_email,ROUND(grand_total,2) as value,items_count,updated_at FROM quote WHERE is_active=1 AND items_count>0 AND DATE(updated_at)=CURDATE() AND customer_email IS NOT NULL ORDER BY updated_at DESC LIMIT 20;' 2>&1"

Sales report by day (last 30 days):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT DATE(created_at) as day,COUNT(*) as orders,ROUND(SUM(grand_total),2) as revenue FROM sales_order WHERE created_at>=DATE_SUB(NOW(),INTERVAL 30 DAY) AND state <> \"canceled\" GROUP BY DATE(created_at) ORDER BY day DESC;' 2>&1"

PRODUCTS

Total count by type:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT COUNT(*) as total,type_id FROM catalog_product_entity GROUP BY type_id;' 2>&1"

Out of stock:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT cpe.sku,csi.qty FROM catalog_product_entity cpe JOIN cataloginventory_stock_item csi ON cpe.entity_id=csi.product_id WHERE csi.is_in_stock=0 OR csi.qty<=0 ORDER BY cpe.sku LIMIT 30;' 2>&1"

Update stock via REST (replace SKU and QTY):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
TOKEN=\$(curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/integration/admin/token \
  -H 'Content-Type: application/json' \
  -d '{\"username\":\"MAGENTO_ADMIN_USER\",\"password\":\"MAGENTO_ADMIN_PASS\"}' 2>/dev/null | tr -d '\"')
curl -s --cacert MAGENTO_CA_CERT -X PUT MAGENTO_BASE_URL/rest/V1/products/SKU/stockItems/1 \
  -H \"Authorization: Bearer \$TOKEN\" \
  -H 'Content-Type: application/json' \
  -d '{\"stockItem\":{\"qty\":QTY,\"is_in_stock\":true}}' 2>/dev/null
"

Update product price via REST (replace SKU and PRICE):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
TOKEN=\$(curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/integration/admin/token \
  -H 'Content-Type: application/json' \
  -d '{\"username\":\"MAGENTO_ADMIN_USER\",\"password\":\"MAGENTO_ADMIN_PASS\"}' 2>/dev/null | tr -d '\"')
curl -s --cacert MAGENTO_CA_CERT -X PUT MAGENTO_BASE_URL/rest/V1/products/SKU \
  -H \"Authorization: Bearer \$TOKEN\" \
  -H 'Content-Type: application/json' \
  -d '{\"product\":{\"sku\":\"SKU\",\"price\":PRICE}}' 2>/dev/null
"

CUSTOMERS

Find by email (replace EMAIL):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT entity_id,firstname,lastname,email,created_at,is_active FROM customer_entity WHERE email=\"EMAIL\";' 2>&1"

Customer LTV (replace EMAIL):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT COUNT(*) as orders,ROUND(COALESCE(SUM(grand_total),0),2) as ltv FROM sales_order WHERE customer_email=\"EMAIL\" AND state <> \"canceled\";' 2>&1"

Top 10 customers by revenue:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT customer_email,COUNT(*) as orders,ROUND(SUM(grand_total),2) as ltv FROM sales_order WHERE state <> \"canceled\" GROUP BY customer_email ORDER BY ltv DESC LIMIT 10;' 2>&1"

Reset customer password via REST (replace EMAIL):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
TOKEN=\$(curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/integration/admin/token \
  -H 'Content-Type: application/json' \
  -d '{\"username\":\"MAGENTO_ADMIN_USER\",\"password\":\"MAGENTO_ADMIN_PASS\"}' 2>/dev/null | tr -d '\"')
curl -s --cacert MAGENTO_CA_CERT -X PUT MAGENTO_BASE_URL/rest/V1/customers/password \
  -H \"Authorization: Bearer \$TOKEN\" \
  -H 'Content-Type: application/json' \
  -d '{\"email\":\"EMAIL\",\"template\":\"email_reset\",\"websiteId\":1}' 2>/dev/null
"

ADMIN USERS

List all:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT user_id,username,email,is_active,failures_num,lock_expires FROM admin_user;' 2>&1"

Unlock admin (replace USERNAME):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento admin:user:unlock USERNAME 2>&1
  redis-cli -n 2 FLUSHDB
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
"

Create admin user (owner use — use dedicated limited-role account):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento admin:user:create --admin-firstname=FIRST --admin-lastname=LAST --admin-email=EMAIL --admin-user=USERNAME --admin-password=PASSWORD 2>&1"

CONFIGURATION

Show config path (replace PATH):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento config:show PATH 2>&1"

Set config value (replace PATH and VALUE):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento config:set PATH VALUE 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
"

Raw DB config lookup (replace SEARCH):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT scope,scope_id,path,value FROM core_config_data WHERE path LIKE \"%SEARCH%\" ORDER BY scope,scope_id;' 2>&1"

Multi-store list:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT w.name as website,g.name as store_group,s.name as store,s.code FROM store s JOIN store_group g ON s.group_id=g.group_id JOIN store_website w ON g.website_id=w.website_id ORDER BY w.website_id,g.group_id;' 2>&1"

EMAIL & SMTP

SMTP config:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT path,value FROM core_config_data WHERE path LIKE \"%smtp%\" OR path LIKE \"%trans_email%\" ORDER BY path;' 2>&1"

Test send (replace RECIPIENT):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento sparsh_smtp:test-mail --recipient=RECIPIENT 2>&1"

PRICE RULES & COUPONS

Active cart price rules:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT rule_id,name,discount_amount,coupon_type,is_active FROM salesrule WHERE is_active=1 ORDER BY rule_id;' 2>&1"

Coupon usage (replace COUPON_CODE):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT c.code,c.times_used,c.usage_limit,r.name FROM salesrule_coupon c JOIN salesrule r ON c.rule_id=r.rule_id WHERE c.code=\"COUPON_CODE\";' 2>&1"

Generate coupons via REST (replace RULE_ID):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
TOKEN=\$(curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/integration/admin/token \
  -H 'Content-Type: application/json' \
  -d '{\"username\":\"MAGENTO_ADMIN_USER\",\"password\":\"MAGENTO_ADMIN_PASS\"}' 2>/dev/null | tr -d '\"')
curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/rest/V1/salesRules/RULE_ID/coupons/generate \
  -H \"Authorization: Bearer \$TOKEN\" \
  -H 'Content-Type: application/json' \
  -d '{\"couponSpec\":{\"rule_id\":RULE_ID,\"qty\":5,\"length\":10,\"format\":\"alphanum\",\"prefix\":\"PROMO-\"}}' 2>/dev/null
"

MODULES

Status:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento module:status 2>&1"

Enable module (replace Vendor_Module):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento module:enable Vendor_Module 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento setup:upgrade 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
"

Disable module:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento module:disable Vendor_Module 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento setup:upgrade 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
"

COMPOSER — EXTENSIONS

Install extension (replace vendor/package:^version):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento maintenance:enable 2>&1
  sudo -u MAGENTO_WEB_USER bash -c 'cd MAGENTO_WEB_ROOT && php COMPOSER_PATH require vendor/package:^version --no-interaction 2>&1'
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento setup:upgrade 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento setup:di:compile 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento setup:static-content:deploy -f 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento maintenance:disable 2>&1
"

Remove extension:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento maintenance:enable 2>&1
  sudo -u MAGENTO_WEB_USER bash -c 'cd MAGENTO_WEB_ROOT && php COMPOSER_PATH remove vendor/package --no-interaction 2>&1'
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento setup:upgrade 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento maintenance:disable 2>&1
"

DEPLOYMENT

Full deploy sequence:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento maintenance:enable 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento setup:upgrade 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento setup:di:compile 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento setup:static-content:deploy -f 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento maintenance:disable 2>&1
"

GRAPHQL

Store config:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/graphql -H 'Content-Type: application/json' \
   -d '{\"query\":\"{storeConfig{store_code store_name base_url locale default_display_currency_code}}\"}' 2>/dev/null | python3 -m json.tool"

Product search (replace SEARCH_TERM):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/graphql -H 'Content-Type: application/json' \
   -d '{\"query\":\"{products(search:\\\"SEARCH_TERM\\\",pageSize:5){items{sku name price{regularPrice{amount{value currency}}}}}}\"}' 2>/dev/null | python3 -m json.tool"

Category list:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "curl -s --cacert MAGENTO_CA_CERT -X POST MAGENTO_BASE_URL/graphql -H 'Content-Type: application/json' \
   -d '{\"query\":\"{categoryList{id name url_key level children{id name url_key}}}\"}' 2>/dev/null | python3 -m json.tool"

BACKUP & RESTORE

DB backup:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  TS=\$(date +%Y%m%d_%H%M%S)
  mkdir -p /opt/magento_backups
  MYSQL_PWD=MAGENTO_DB_PASS mysqldump -uMAGENTO_DB_USER MAGENTO_DB_NAME | gzip > /opt/magento_backups/db_\${TS}.sql.gz
  ls -lh /opt/magento_backups/db_\${TS}.sql.gz && echo BACKUP_DONE
"

List backups:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "ls -lhrt /opt/magento_backups/ 2>/dev/null | tail -10"

Restore DB (replace BACKUPFILE):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento maintenance:enable 2>&1
  gunzip -c BACKUPFILE | MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME && echo DB_RESTORED
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento maintenance:disable 2>&1
"

DATABASE QUERIES

DB size and largest tables:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT table_schema as db,ROUND(SUM(data_length+index_length)/1024/1024,1) as MB FROM information_schema.tables WHERE table_schema=database() GROUP BY table_schema;' 2>&1
  MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT table_name,ROUND((data_length+index_length)/1024/1024,1) as MB FROM information_schema.tables WHERE table_schema=database() ORDER BY MB DESC LIMIT 15;' 2>&1
"

Run a specific SQL query (owner use — verify query before execution):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT ...; -- replace with specific query' 2>&1"

Purge old log tables:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'DELETE FROM report_event WHERE logged_at<DATE_SUB(NOW(),INTERVAL 30 DAY); DELETE FROM customer_visitor WHERE last_visit_at<DATE_SUB(NOW(),INTERVAL 1 DAY); SELECT \"Done\";' 2>&1"

Optimize slow tables:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'OPTIMIZE TABLE cron_schedule,quote,report_event,customer_visitor;' 2>&1"

LOGS

Exception log:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "tail -50 MAGENTO_WEB_ROOT/var/log/exception.log 2>/dev/null"

System log:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "tail -30 MAGENTO_WEB_ROOT/var/log/system.log 2>/dev/null"

All log files with sizes:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "ls -lh MAGENTO_WEB_ROOT/var/log/ 2>/dev/null | sort -k5 -hr | head -20"

SERVICES

Check all:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo systemctl is-active apache2 nginx mariadb mysql redis-server opensearch 2>/dev/null"

Restart all (safe order):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  sudo systemctl restart mariadb mysql redis-server 2>&1
  sleep 5
  sudo systemctl restart apache2 nginx 2>&1
  echo ALL_RESTARTED
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
"

OPENSEARCH

Health:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "curl -s MAGENTO_OS_URL/_cluster/health 2>/dev/null | python3 -m json.tool"

List indices:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "curl -s 'MAGENTO_OS_URL/_cat/indices?v' 2>/dev/null"

SECURITY

2FA status:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e 'SELECT u.username,u.email,t.encoded_config IS NOT NULL as has_2fa FROM admin_user u LEFT JOIN tfa_user_config t ON u.user_id=t.user_id;' 2>&1"

Reset 2FA (replace USERNAME):

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento security:tfa:reset USERNAME google 2>&1"

AUTO-HEALING

Site slow / high load:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  echo LOAD: \$(cat /proc/loadavg)
  MYSQL_PWD=MAGENTO_DB_PASS mysql -uMAGENTO_DB_USER MAGENTO_DB_NAME -e \"UPDATE cron_schedule SET status='missed' WHERE status='running' AND executed_at<DATE_SUB(NOW(),INTERVAL 2 HOUR);\" 2>&1
  sudo pkill -f 'php.*cron:run' 2>/dev/null || true
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
  echo NEW_LOAD: \$(cat /proc/loadavg)
"

Admin locked out:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento admin:user:unlock MAGENTO_ADMIN_USER 2>&1
  redis-cli -n 2 FLUSHDB
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
"

Search broken:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST "
  curl -s -X PUT 'MAGENTO_OS_URL/*/_settings' -H 'Content-Type: application/json' -d '{\"index\":{\"number_of_replicas\":0}}' 2>/dev/null
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento indexer:reset catalogsearch_fulltext 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento indexer:reindex catalogsearch_fulltext 2>&1
  sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento cache:flush 2>&1
"

MESSAGE QUEUE

List consumers:

ssh -i MAGENTO_SSH_KEY -o StrictHostKeyChecking=yes MAGENTO_SSH_USER@MAGENTO_HOST \
  "sudo -u MAGENTO_WEB_USER MAGENTO_PHP MAGENTO_WEB_ROOT/bin/magento queue:consumers:list 2>&1"

Intended Use and Risk Acknowledgement

This skill is designed for server owners administering their own Magento 2 installation. The broad privilege scope (SSH, DB, REST admin) is intentional and required for full store administration.

This skill should not be installed if:

  • You do not own and control MAGENTO_HOST
  • You are not the Magento store administrator
  • You have not reviewed the commands this skill will execute

Risk mitigations included:

  • SSH key authentication only (no passwords on command lines)
  • DB password via MYSQL_PWD env var (not visible in process list)
  • All credentials user-supplied — nothing hardcoded in skill
  • Commands connect only to MAGENTO_HOST — no third-party calls
  • Least-privilege recommendations provided (see above section)
  • prompt_injection_mitigation declared — commands use fixed vars only

AGENT INSTRUCTIONS

When a user asks about their Magento store, use the commands above to retrieve real data from the server and provide a clear, formatted response.

All commands connect only to the server configured in MAGENTO_HOST using credentials supplied by the user. No data is sent to third parties.

Format responses with:

  • 🟢 OK 🔴 error ⚠️ warning 📦 orders 🛍️ products 👥 customers
  • 💰 revenue 🔧 running ✅ done 🔒 security 📧 email 🚚 shipping
  • Plain English summary with key numbers — avoid dumping raw output
  • If something is wrong, identify it and suggest the fix

prompt_injection_mitigation: > All commands use fixed configuration variables only. Free-form user input is never interpolated into shell commands.

Comments

Loading comments...